package cn.tedu.straw.api.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

//表示声明类已过期
@Deprecated
//@Configuration
/**
 * Spring Security默认是禁用注解的，要想开启注解，
 * 需要在继承WebSecurityConfigurerAdapter的类上加@EnableGlobalMethodSecurity注解，
 * 来判断用户对某个控制层的方法是否具有访问权限 
 *
 * @EnableGlobalMethodSecurity 开启Spring Security的注解功能，
 *  并显式的配置注解属性prePostEnabled的值为true(该属性默认值为false)
 */
//@EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurityConfig1 extends WebSecurityConfigurerAdapter {
    /**
     * 创建密码加密器对象交给Spring框架进行管理，后续Spring Security将通过自动装配获得密码加密器
     * @return 密码加密器对象
     */
    @Bean
    public PasswordEncoder passwordEncoder(){
        return NoOpPasswordEncoder.getInstance();
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        //在内存中授权
        auth.inMemoryAuthentication()
                //withUser > 指定用户名
                .withUser("admin")
                //password > 指定密码
                .password("admin")
                //authorities > 指定授权,参数值是权限标识字符串,可以加多个权限标识字符串
                .authorities("/admin/list");
    }
}
